]>
Commit | Line | Data |
---|---|---|
81aef6ba | 1 | /* |
a28d06f3 | 2 | * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. |
81aef6ba P |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #include <string.h> | |
11 | #include <openssl/rand.h> | |
12 | #include <openssl/core_dispatch.h> | |
13 | #include <openssl/e_os2.h> | |
14 | #include <openssl/params.h> | |
15 | #include <openssl/core_names.h> | |
16 | #include <openssl/evp.h> | |
17 | #include <openssl/err.h> | |
18 | #include <openssl/randerr.h> | |
2741128e | 19 | #include <openssl/proverr.h> |
81aef6ba P |
20 | #include "prov/implementations.h" |
21 | #include "prov/provider_ctx.h" | |
81aef6ba P |
22 | #include "crypto/rand.h" |
23 | #include "crypto/rand_pool.h" | |
24 | ||
25 | static OSSL_FUNC_rand_newctx_fn seed_src_new; | |
26 | static OSSL_FUNC_rand_freectx_fn seed_src_free; | |
27 | static OSSL_FUNC_rand_instantiate_fn seed_src_instantiate; | |
28 | static OSSL_FUNC_rand_uninstantiate_fn seed_src_uninstantiate; | |
29 | static OSSL_FUNC_rand_generate_fn seed_src_generate; | |
30 | static OSSL_FUNC_rand_reseed_fn seed_src_reseed; | |
31 | static OSSL_FUNC_rand_gettable_ctx_params_fn seed_src_gettable_ctx_params; | |
32 | static OSSL_FUNC_rand_get_ctx_params_fn seed_src_get_ctx_params; | |
33 | static OSSL_FUNC_rand_verify_zeroization_fn seed_src_verify_zeroization; | |
34 | static OSSL_FUNC_rand_enable_locking_fn seed_src_enable_locking; | |
8389eeea P |
35 | static OSSL_FUNC_rand_lock_fn seed_src_lock; |
36 | static OSSL_FUNC_rand_unlock_fn seed_src_unlock; | |
9ed185a9 P |
37 | static OSSL_FUNC_rand_get_seed_fn seed_get_seed; |
38 | static OSSL_FUNC_rand_clear_seed_fn seed_clear_seed; | |
81aef6ba P |
39 | |
40 | typedef struct { | |
41 | void *provctx; | |
42 | int state; | |
43 | } PROV_SEED_SRC; | |
44 | ||
45 | static void *seed_src_new(void *provctx, void *parent, | |
46 | const OSSL_DISPATCH *parent_dispatch) | |
47 | { | |
48 | PROV_SEED_SRC *s; | |
49 | ||
50 | if (parent != NULL) { | |
51 | ERR_raise(ERR_LIB_PROV, PROV_R_SEED_SOURCES_MUST_NOT_HAVE_A_PARENT); | |
52 | return NULL; | |
53 | } | |
54 | ||
55 | s = OPENSSL_zalloc(sizeof(*s)); | |
e077455e | 56 | if (s == NULL) |
81aef6ba | 57 | return NULL; |
81aef6ba P |
58 | |
59 | s->provctx = provctx; | |
60 | s->state = EVP_RAND_STATE_UNINITIALISED; | |
61 | return s; | |
62 | } | |
63 | ||
64 | static void seed_src_free(void *vseed) | |
65 | { | |
66 | OPENSSL_free(vseed); | |
67 | } | |
68 | ||
69 | static int seed_src_instantiate(void *vseed, unsigned int strength, | |
70 | int prediction_resistance, | |
b98d550d P |
71 | const unsigned char *pstr, size_t pstr_len, |
72 | ossl_unused const OSSL_PARAM params[]) | |
81aef6ba P |
73 | { |
74 | PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; | |
75 | ||
76 | s->state = EVP_RAND_STATE_READY; | |
77 | return 1; | |
78 | } | |
79 | ||
80 | static int seed_src_uninstantiate(void *vseed) | |
81 | { | |
82 | PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; | |
83 | ||
84 | s->state = EVP_RAND_STATE_UNINITIALISED; | |
85 | return 1; | |
86 | } | |
87 | ||
88 | static int seed_src_generate(void *vseed, unsigned char *out, size_t outlen, | |
89 | unsigned int strength, | |
90 | ossl_unused int prediction_resistance, | |
91 | ossl_unused const unsigned char *adin, | |
92 | ossl_unused size_t adin_len) | |
93 | { | |
94 | PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; | |
95 | size_t entropy_available; | |
96 | RAND_POOL *pool; | |
97 | ||
98 | if (s->state != EVP_RAND_STATE_READY) { | |
99 | ERR_raise(ERR_LIB_PROV, | |
100 | s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE | |
101 | : PROV_R_NOT_INSTANTIATED); | |
102 | return 0; | |
103 | } | |
104 | ||
1335ca4b | 105 | pool = ossl_rand_pool_new(strength, 1, outlen, outlen); |
81aef6ba | 106 | if (pool == NULL) { |
e077455e | 107 | ERR_raise(ERR_LIB_PROV, ERR_R_RAND_LIB); |
81aef6ba P |
108 | return 0; |
109 | } | |
110 | ||
111 | /* Get entropy by polling system entropy sources. */ | |
112 | entropy_available = ossl_pool_acquire_entropy(pool); | |
113 | ||
114 | if (entropy_available > 0) | |
1335ca4b | 115 | memcpy(out, ossl_rand_pool_buffer(pool), ossl_rand_pool_length(pool)); |
81aef6ba | 116 | |
1335ca4b | 117 | ossl_rand_pool_free(pool); |
81aef6ba P |
118 | return entropy_available > 0; |
119 | } | |
120 | ||
121 | static int seed_src_reseed(void *vseed, | |
122 | ossl_unused int prediction_resistance, | |
123 | ossl_unused const unsigned char *ent, | |
124 | ossl_unused size_t ent_len, | |
125 | ossl_unused const unsigned char *adin, | |
126 | ossl_unused size_t adin_len) | |
127 | { | |
128 | PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; | |
129 | ||
130 | if (s->state != EVP_RAND_STATE_READY) { | |
131 | ERR_raise(ERR_LIB_PROV, | |
132 | s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE | |
133 | : PROV_R_NOT_INSTANTIATED); | |
134 | return 0; | |
135 | } | |
136 | return 1; | |
137 | } | |
138 | ||
139 | static int seed_src_get_ctx_params(void *vseed, OSSL_PARAM params[]) | |
140 | { | |
141 | PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; | |
142 | OSSL_PARAM *p; | |
143 | ||
144 | p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STATE); | |
145 | if (p != NULL && !OSSL_PARAM_set_int(p, s->state)) | |
146 | return 0; | |
147 | ||
148 | p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STRENGTH); | |
149 | if (p != NULL && !OSSL_PARAM_set_int(p, 1024)) | |
150 | return 0; | |
151 | ||
152 | p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_MAX_REQUEST); | |
153 | if (p != NULL && !OSSL_PARAM_set_size_t(p, 128)) | |
154 | return 0; | |
155 | return 1; | |
156 | } | |
157 | ||
a3f091fd P |
158 | static const OSSL_PARAM *seed_src_gettable_ctx_params(ossl_unused void *vseed, |
159 | ossl_unused void *provctx) | |
81aef6ba P |
160 | { |
161 | static const OSSL_PARAM known_gettable_ctx_params[] = { | |
162 | OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL), | |
163 | OSSL_PARAM_uint(OSSL_RAND_PARAM_STRENGTH, NULL), | |
164 | OSSL_PARAM_size_t(OSSL_RAND_PARAM_MAX_REQUEST, NULL), | |
165 | OSSL_PARAM_END | |
166 | }; | |
167 | return known_gettable_ctx_params; | |
168 | } | |
169 | ||
170 | static int seed_src_verify_zeroization(ossl_unused void *vseed) | |
171 | { | |
172 | return 1; | |
173 | } | |
174 | ||
9ed185a9 P |
175 | static size_t seed_get_seed(void *vseed, unsigned char **pout, |
176 | int entropy, size_t min_len, size_t max_len, | |
177 | int prediction_resistance, | |
178 | const unsigned char *adin, size_t adin_len) | |
179 | { | |
180 | size_t bytes_needed; | |
181 | unsigned char *p; | |
182 | ||
183 | /* | |
184 | * Figure out how many bytes we need. | |
185 | * This assumes that the seed sources provide eight bits of entropy | |
186 | * per byte. For lower quality sources, the formula will need to be | |
187 | * different. | |
188 | */ | |
189 | bytes_needed = entropy >= 0 ? (entropy + 7) / 8 : 0; | |
190 | if (bytes_needed < min_len) | |
191 | bytes_needed = min_len; | |
192 | if (bytes_needed > max_len) { | |
193 | ERR_raise(ERR_LIB_PROV, PROV_R_ENTROPY_SOURCE_STRENGTH_TOO_WEAK); | |
194 | return 0; | |
195 | } | |
196 | ||
197 | p = OPENSSL_secure_malloc(bytes_needed); | |
e077455e | 198 | if (p == NULL) |
9ed185a9 | 199 | return 0; |
9ed185a9 | 200 | if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance, |
52dcc011 DB |
201 | adin, adin_len) != 0) { |
202 | *pout = p; | |
9ed185a9 | 203 | return bytes_needed; |
52dcc011 | 204 | } |
9ed185a9 P |
205 | OPENSSL_secure_clear_free(p, bytes_needed); |
206 | return 0; | |
207 | } | |
208 | ||
209 | static void seed_clear_seed(ossl_unused void *vdrbg, | |
210 | unsigned char *out, size_t outlen) | |
211 | { | |
212 | OPENSSL_secure_clear_free(out, outlen); | |
213 | } | |
214 | ||
81aef6ba P |
215 | static int seed_src_enable_locking(ossl_unused void *vseed) |
216 | { | |
217 | return 1; | |
218 | } | |
219 | ||
8389eeea P |
220 | int seed_src_lock(ossl_unused void *vctx) |
221 | { | |
222 | return 1; | |
223 | } | |
224 | ||
225 | void seed_src_unlock(ossl_unused void *vctx) | |
226 | { | |
227 | } | |
228 | ||
81aef6ba P |
229 | const OSSL_DISPATCH ossl_seed_src_functions[] = { |
230 | { OSSL_FUNC_RAND_NEWCTX, (void(*)(void))seed_src_new }, | |
231 | { OSSL_FUNC_RAND_FREECTX, (void(*)(void))seed_src_free }, | |
232 | { OSSL_FUNC_RAND_INSTANTIATE, | |
233 | (void(*)(void))seed_src_instantiate }, | |
234 | { OSSL_FUNC_RAND_UNINSTANTIATE, | |
235 | (void(*)(void))seed_src_uninstantiate }, | |
236 | { OSSL_FUNC_RAND_GENERATE, (void(*)(void))seed_src_generate }, | |
237 | { OSSL_FUNC_RAND_RESEED, (void(*)(void))seed_src_reseed }, | |
238 | { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))seed_src_enable_locking }, | |
8389eeea P |
239 | { OSSL_FUNC_RAND_LOCK, (void(*)(void))seed_src_lock }, |
240 | { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))seed_src_unlock }, | |
81aef6ba P |
241 | { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS, |
242 | (void(*)(void))seed_src_gettable_ctx_params }, | |
243 | { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))seed_src_get_ctx_params }, | |
244 | { OSSL_FUNC_RAND_VERIFY_ZEROIZATION, | |
245 | (void(*)(void))seed_src_verify_zeroization }, | |
9ed185a9 P |
246 | { OSSL_FUNC_RAND_GET_SEED, (void(*)(void))seed_get_seed }, |
247 | { OSSL_FUNC_RAND_CLEAR_SEED, (void(*)(void))seed_clear_seed }, | |
81aef6ba P |
248 | { 0, NULL } |
249 | }; |